public class CMSBuilder
extends java.lang.Object
implements java.io.Serializable
CMSBuilder takes care of:
Modifier and Type | Field and Description |
---|---|
private byte[] |
certBytes |
private java.lang.String |
dataContentType |
private java.lang.String |
dataFileName |
private byte[] |
dataHash |
private java.lang.String |
dataPath |
private java.lang.String |
digestAlgorithm |
private java.lang.String |
encodedDigest |
private java.lang.String |
encryptionAlgorithm |
private ExternalSignatureSignerInfoGenerator |
infoGen |
private java.util.Date |
signingTime |
private byte[] |
streamHash |
private static int |
WRAP_AFTER |
Constructor and Description |
---|
CMSBuilder(byte[] docHash,
java.lang.String digestAlgorithm,
java.lang.String encryptionAlgorithm) |
CMSBuilder(java.io.InputStream dataStream,
java.lang.String digestAlgorithm,
java.lang.String encryptionAlgorithm) |
CMSBuilder(java.lang.String digestAlgorithm,
java.lang.String encryptionAlgorithm) |
Modifier and Type | Method and Description |
---|---|
private byte[] |
applyDigest(java.lang.String digestAlg,
byte[] bytes) |
private byte[] |
applyPkcs1Padding(int resultLength,
byte[] srcBytes) |
org.bouncycastle.cms.CMSSignedData |
buildCMSSignedData(ExternalSignatureSignerInfoGenerator infoGen,
byte[] data,
byte[] sigBytes,
byte[] certBytes) |
org.bouncycastle.cms.CMSSignedData |
buildCMSSignedData(java.io.InputStream contentStream,
java.lang.String encodedEcryptedDigest) |
org.bouncycastle.cms.CMSSignedData |
buildCMSSignedData(java.io.InputStream contentStream,
java.lang.String encodedEcryptedDigest,
java.lang.String encodedCert) |
private byte[] |
encapsulateInDigestInfo(java.lang.String digestAlg,
byte[] digestBytes) |
static java.lang.String |
formatAsString(byte[] bytes,
java.lang.String byteSeparator,
int wrapAfter) |
private byte[] |
getAuthenticatedAttributesBytes()
Calculates data to be signed.
|
java.lang.String |
getDataContentType() |
java.lang.String |
getDataFileName() |
java.lang.String |
getDataPath() |
java.lang.String |
getEncodedDataHash() |
java.lang.String |
getEncodedDigest() |
java.lang.String |
getEncodedGMTSigningTime() |
java.util.Date |
getSigningTime() |
java.lang.String |
getSigningTimeAsString() |
private byte[] |
hashContent(java.io.InputStream in) |
void |
initializeDataHash(java.io.InputStream dataStream)
Calculates the content data hash.
|
private void |
initializeInfoGen(java.lang.String digestAlgorithm,
java.lang.String encryptionAlgorithm) |
private java.util.Date |
parseSigningTime(byte[] bytes,
java.io.PrintWriter pw) |
void |
setCertBytes(byte[] certBytes) |
void |
setCertBytes(java.lang.String encodedCert) |
void |
setDataContentType(java.lang.String dataContentType) |
void |
setDataFileName(java.lang.String dataFileName) |
void |
setDataPath(java.lang.String dataPath) |
void |
setSigningTime(java.util.Date signingTime) |
void |
streamAndHashContent(java.io.InputStream in,
java.io.OutputStream out)
Connects an input stream to an output stream hashing on the fly.
|
java.lang.String |
updateEncodedDigest()
Triggers encoded digest recalculation.
|
private static int WRAP_AFTER
private ExternalSignatureSignerInfoGenerator infoGen
private java.lang.String digestAlgorithm
private java.lang.String encryptionAlgorithm
private byte[] dataHash
private java.lang.String dataPath
private byte[] streamHash
private byte[] certBytes
private java.lang.String encodedDigest
private java.util.Date signingTime
private java.lang.String dataContentType
private java.lang.String dataFileName
public CMSBuilder(java.lang.String digestAlgorithm, java.lang.String encryptionAlgorithm)
public CMSBuilder(java.io.InputStream dataStream, java.lang.String digestAlgorithm, java.lang.String encryptionAlgorithm) throws java.io.IOException, java.security.NoSuchAlgorithmException
java.io.IOException
java.security.NoSuchAlgorithmException
public CMSBuilder(byte[] docHash, java.lang.String digestAlgorithm, java.lang.String encryptionAlgorithm) throws java.io.IOException, java.security.NoSuchAlgorithmException
java.io.IOException
java.security.NoSuchAlgorithmException
public void initializeDataHash(java.io.InputStream dataStream) throws java.security.NoSuchAlgorithmException, java.io.IOException
All subsequent content related calculation, such as
in updateEncodedDigest()
method, will keep this value as integrity reference.
dataStream
- java.security.NoSuchAlgorithmException
java.io.IOException
private void initializeInfoGen(java.lang.String digestAlgorithm, java.lang.String encryptionAlgorithm)
public java.lang.String updateEncodedDigest() throws java.security.NoSuchAlgorithmException, java.io.IOException
Invokes the private getAuthenticatedAttributesBytes()
method obtaining the raw digest,
encapsulates it in a digestInfo
structure, finally encoding the result
in base64
.
base64
encoding of the data to be signed.java.security.NoSuchAlgorithmException
java.io.IOException
private byte[] applyDigest(java.lang.String digestAlg, byte[] bytes) throws java.security.NoSuchAlgorithmException
java.security.NoSuchAlgorithmException
private byte[] encapsulateInDigestInfo(java.lang.String digestAlg, byte[] digestBytes) throws java.io.IOException
java.io.IOException
private byte[] applyPkcs1Padding(int resultLength, byte[] srcBytes)
private byte[] getAuthenticatedAttributesBytes()
Builds the CMS authenticated attributes; ContentType and MessageDigest
are mandatory, optional SigningTime (taken from current system time) is
added by default. This method waits for the completion of the
synchronized streamAndHashContent
method, so that bytes to sign
is returned only when the streamed content is identical to the original
one.
public java.lang.String getSigningTimeAsString()
public java.lang.String getEncodedGMTSigningTime()
private java.util.Date parseSigningTime(byte[] bytes, java.io.PrintWriter pw)
public org.bouncycastle.cms.CMSSignedData buildCMSSignedData(java.io.InputStream contentStream, java.lang.String encodedEcryptedDigest) throws java.security.NoSuchAlgorithmException, java.io.IOException
java.security.NoSuchAlgorithmException
java.io.IOException
public org.bouncycastle.cms.CMSSignedData buildCMSSignedData(java.io.InputStream contentStream, java.lang.String encodedEcryptedDigest, java.lang.String encodedCert) throws java.io.IOException, java.security.NoSuchAlgorithmException
java.io.IOException
java.security.NoSuchAlgorithmException
public org.bouncycastle.cms.CMSSignedData buildCMSSignedData(ExternalSignatureSignerInfoGenerator infoGen, byte[] data, byte[] sigBytes, byte[] certBytes)
public static java.lang.String formatAsString(byte[] bytes, java.lang.String byteSeparator, int wrapAfter)
public java.util.Date getSigningTime()
public void setSigningTime(java.util.Date signingTime)
public void setCertBytes(byte[] certBytes)
public void setCertBytes(java.lang.String encodedCert)
public java.lang.String getEncodedDigest()
public java.lang.String getEncodedDataHash()
public void streamAndHashContent(java.io.InputStream in, java.io.OutputStream out) throws java.io.IOException, java.security.NoSuchAlgorithmException
The calculated hash is saved in a private property. This method is
synchronized with the private
getAuthenticatedAttributesBytes
(invoked by public
updateEncodedDigest()
) which waits for its completion.
in
- The input stream the hash is calculated upon.out
- The output stream.java.io.IOException
java.security.NoSuchAlgorithmException
private byte[] hashContent(java.io.InputStream in) throws java.io.IOException, java.security.NoSuchAlgorithmException
java.io.IOException
java.security.NoSuchAlgorithmException
public java.lang.String getDataPath()
public void setDataPath(java.lang.String dataPath)
public java.lang.String getDataContentType()
public void setDataContentType(java.lang.String dataContentType)
public java.lang.String getDataFileName()
public void setDataFileName(java.lang.String dataFileName)